Today we’re going to continue blogging about scripts that we can use to create system baselines. (For a primer on why you might want to consider performing a system baseline or for a process for performing system baselines, check out our previous blog entries here.)
As we discussed earlier as well, we are going to rely primarily on PowerShell to pull this information for us. So all of the scripts you will see in this series will be written as PowerShell scripts. For your sake, make your life easy, and install PowerShell version 2.0, that will give you the latest and greatest functionality and give you the same development environment we’re primarily using to write these scripts.
The script we’re going to use today will be useful if you want to discover what software is installed on a given machine. This will not detect stand alone binaries that are copied to a computer (for that we would need to reference a file system object and look for all applications). But if you’re just looking for a basic listing of all the installed applications on a machine, then this is the script for you:
Get-WmiObject win32_product | Select-Object Name,Vendor,Version
For a complete copy of each of the scripts in this series (plus bonus scripts as they arrive), check out our full directory listing at http://www.enclavesecurity.com/scripts/.
Enjoy! We look forward to providing you more fully featured scripts as the year progresses. If you do have any requests, don’t be shy, and feel free to make requests too.